CSRF to DoS

Written by on May 13th, 2008

If you have read my previous article about CSRF on SiteMap Engine to launch a Denial Of Service (Sorry for my noob-ness that I targeted DoS to exhaust server bandwith). This time I am going to show you how to launch a DoS using CSRF that will burden the server load.

Here the story goes :

Site ABC is an online electronic devices store. It has a search form that uses GET requests. Let say the URL to search for keyword “tv” is this : http://www.abc.com/?q=tv.

PoC :

<img src=”http://www.abc.com/?q=tv” height=”1″ width=”1″/>

Each page load from the CSRF inserted page will exhaust the targeted server load. Feedback or critics are welcomed.

No Post Relate to this


[Read the rest on (it)gossips network: Zoiz]

Filed under: Review

RSS feed | Trackback URI

Comments »

No comments yet.

Name (required)
E-mail (required - never shown publicly)
URI
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.

Trackback responses to this post

Additional information for CSRF to DoS, search terms: index of txt No Root For You -htm -html -php -asp,